OT Security Enterprise/Network Architect

Security Enterprise/Network Architect

Location: Remote but regular travel to Poland will be required

Key Responsibilities

Responsible for a comprehensive analysis of technical documentation at the low level design stage, as well as the actual configurations and systems operating across various sites.

Not responsible for implementing the proposed solutions but possibly participate in defining requirements for providers and supporting implementation

Review existing projects and network environments, identify gaps, inconsistencies, and potential architectural issues, and then prepare proposals for changes or design missing elements in accordance with best practices, security requirements, and high-availability principles.Major Tasks

Present complex network environments at different levels of detail-from high-level logical diagrams to detailed configuration schematics-in a way that is understandable to both technical teams and business stakeholders.

Prepare documentation, presentations, and visualizations of network architecture to support decision making and planning.

Analyze complex environments, including physical and logical configurations at sites, propose optimal solutions, and clearly communicate their recommendations.

Significant added value

Experience in designing or implementing remote access systems for industrial automation networks (OT/ICS), considering security requirements and IT/OT environment separation. Additionally, the ability to design a secure Internet access system for critical environments-including traffic filtering, content inspection, application control, and integration with monitoring and incident response systems. Knowledge of standards and best practices in this area (e.g., IEC 62443, NIST) .

Experience working with devices from various vendors such as Cisco, Juniper, Fortinet, and Palo Alto is highly desirable.

Preferred certifications include Cisco CCNP Security, CCNP Data Centre, or CCNP Enterprise, as well as certifications from other vendors (Juniper JNCIP/JNCIE, Fortinet NSE 4-7). Additional advantages include cloud networking certifications (AWS/Azure Networking Specialty).

Key Deliverables

Comprehensive analysis of technical documentation.

All recommendations based on reviews/analyses must be logically justified and presented in clear documentation and reports.

Qualifications

Advanced knowledge of networking , as well as experience in designing and optimizing LAN, WAN, and Data Centre solutions. A solid understanding of segmentation mechanisms, QoS, redundancy, and network security technologies-including firewalls, VPN, IDS/IPS, and NAC-is essential.

A good command of English is required to work with documentation and communicate with vendors.ersg are an equal opportunities employer; we are committed to promoting equality of opportunity for all job applicants. We do not discriminate against applicants on the basis of age, sex, race, disability, pregnancy, marital status, sexual orientation, gender reassignment or religious background; all decisions are based on merit